Posted
by
Zonk
on Wednesday January 16, 2008 @03:43PM
from the im-in-ur-iphone-removin-ur-apps dept.

climber writes "Just days after the first scareware for OSX, researchers are pondering the problems of an iPhone exploit that could lead to larger issues. The Trojan pulls legitimate apps off the phone if you try to remove it, but it only infects iPhones that have 'been modified or opened through a security hole in the system.' Though this worm is more of an annoyance than anything else, it could be a proof of concept for a more serious attack. 'The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future. It is clear at least one writer -- the author of this piece at Web Worker Daily -- thinks that the iPhone should be left on the dresser in the morning. She offers several reasons that the device isn't a good corporate tool.'"

That security hole has been closed for a while, which is why you can find people trying to downgrade their iPhones back to 1.1.1 which will reintroduce the security hole, allowing them to jailbreak their phones again.
The phones were infected when users who had already intentionally jailbroken their phones downloaded a new application from an unsafe software repository.

I assume you've never seen or used a BES (Blackberry Enterprise Server) in a medium or large corporate environment.Maybe the iPhone is easier if your corporation is less than 10 users and John is your trusted IT guy. Do that many companies really allow direct access to POP/IMAP/SMTP from the random internet to the corporate email system? You can fire up Thunderbird and connect to your companies email? Not a single place that I've worked has done that. Really.One person can maintain thousands of crackberries from one console. "Maintain" means provision, destroy, deploy, maintain, monitor, manipulate, update, and configure all aspects of the device. You can even see who currently has a signal and when their device was last seen somewhere in the world and when it last sent and received email, feedback on if your changes made it to the device and the response, update passwords, encyption keys, service books, see if new policies were applied to the device, how many messages are queued for delivery, and email alerts to yourself or a syslog when a certain % of all of your users are not getting coverage or the queue backs up. You can erase and wipe out the units with tracking if the device got that signal or not.